| NSF Org: |
CNS Division Of Computer and Network Systems |
| Recipient: |
|
| Initial Amendment Date: | September 14, 2015 |
| Latest Amendment Date: | September 14, 2015 |
| Award Number: | 1526306 |
| Award Instrument: | Standard Grant |
| Program Manager: |
Phillip Regalia
pregalia@nsf.gov (703)292-2981 CNS Division Of Computer and Network Systems CSE Directorate for Computer and Information Science and Engineering |
| Start Date: | October 1, 2015 |
| End Date: | September 30, 2019 (Estimated) |
| Total Intended Award Amount: | $216,952.00 |
| Total Awarded Amount to Date: | $216,952.00 |
| Funds Obligated to Date: |
|
| History of Investigator: |
|
| Recipient Sponsored Research Office: |
29 TOWN BEACH ROAD WINCHESTER NH US 03470-2467 (206)420-3136 |
| Sponsor Congressional District: |
|
| Primary Place of Performance: |
7 Temple St Cambridge MA US 02139-2403 |
| Primary Place of
Performance Congressional District: |
|
| Unique Entity Identifier (UEI): |
|
| Parent UEI: |
|
| NSF Program(s): | Secure &Trustworthy Cyberspace |
| Primary Program Source: |
|
| Program Reference Code(s): |
|
| Program Element Code(s): |
|
| Award Agency Code: | 4900 |
| Fund Agency Code: | 4900 |
| Assistance Listing Number(s): | 47.070 |
ABSTRACT
Large-scale Internet censorship prevents citizens of many parts of the world from accessing vast amounts of otherwise publicly available information. The recognition and publication of these censorship events have aided in motivating the development of new privacy-enhancing technologies to circumvent the censor. We argue that as circumvention technologies improve and the cost of detecting their use increases, adversaries that are intent on restricting access to information will seek out alternative techniques for disruption. As such, understanding these alternative disruption techniques and how they affect network anonymity, privacy, and performance is paramount not only to the successful design of future technologies, but also to the security of existing networks and systems. Accordingly, this project explores, designs, and transitions to practice techniques that will improve the resilience of privacy-enhancing technologies against these realistic but understudied threats to network anonymity, privacy, and availability. We consider adversaries that look beyond weaknesses in software implementations or protocols and instead seek to destabilize anonymity services by affecting the shared resources upon which these services depend.
This project studies how Internet infrastructure attacks apply to anonymity networks. The research designs defenses that improve the resilience against such threats, and transitions such defenses to the deployed Tor network. Our research activities (i) examine performance-based resource attacks and design privacy-preserving detection techniques to understand not only how denial-of-service attacks can drain network resources, but more importantly, how to automatically detect and prevent such attacks; (ii) study how control-plane routing attacks can be used to harm anonymity, and develop attack mitigation techniques to understand how to improve the resilience of anonymity networks against threats from the underlying untrusted Internet infrastructure; and (iii) analyze the impact of human mobility on anonymity to understand how to provide robust and secure anonymity services to the now ubiquitous mobile operating environment. The activities help expand understudied research areas and not only help improve the design of future technologies, but also enhance the security of existing networks and systems.
PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH
Note:
When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external
site maintained by the publisher. Some full text articles may not yet be available without a
charge during the embargo (administrative interval).
Some links on this page may take you to non-federal websites. Their policies may differ from
this site.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
Activists, whistleblowers, military and law enforcement, businesses and governments, and ordinary Internet users are among those that use anonymity networks to protect their privacy online. Anonymity networks typically operate as network overlays on top of the Internet, and aim to separate the notions of network location (where you are on the network) from network identity (who you are). They permit more privacy-preserving methods of communication, and are a critical component of censorship-circumvention systems.
This project explored, designed, and transitioned to practice techniques that improve the resilience of anonymity systems against realistic but understudied threats to network anonymity, privacy, and availability. Much of the existing work in developing defenses for anonymity systems has focused on finding and correcting weaknesses in the design of the anonymity protocols. This has led to an arms race in which developers of anonymity systems harden their software against new attacks, while adversaries attempt to discover new vulnerabilities. We posit that adversaries who wish to stay ahead of the curve will transition to new attacks that target the underlying resources on which anonymity systems depend. That is, attackers will increasingly focus on alternative techniques for disrupting anonymous communication. A core goal of this project was to understand these alternative disruption techniques and how they affect anonymity networks, and develop robust defenses.
This project led to several groundbreaking improvements in (1) safely measuring anonymity networks, (2) understanding attacks against such networks, and (3) developing and deploying robust defenses. In total, this project led to 14 peer-reviewed papers, nearly all of which were published at top academic venues (e.g., CCS, USENIX Security, NDSS, TOPS, VLDB, and IMC). Highlights of this project’s findings include:
- The development of a suite of tools and protocols for safely measuring anonymity networks. We have significantly advanced the state-of-the-art in performing privacy-preserving measurements on anonymity networks such as Tor through three separate research activities: enhancing PrivCount, robust measurement taking through Historϵ, and unique counting. We also conducted the most detailed measurement study to date of the Tor anonymity network.
- The construction, and deployment, of multiple defenses against denial-of-service attacks. Our defenses were informed by our real-world measurements of actual attacks against fielded anonymity networks, and have helped defend anonymity networks against actual (real-world) attacks.
- The introduction and deployment of techniques for better managing resources in anonymity networks, leading to improved performance and robustness against flooding-style events.
Making contributions beyond science and technology is a core component of this project’s goals. Securely and privately communicating is of tremendous interest to organizations and individuals seeking to freely access and disseminate information. The research activities completed during this project significantly improve the ability to communicate privately online by increasing the resiliency of anonymity networks to both present-day and future threats. Results from this project have been disseminated through publications (all of which are posted online) and through numerous software artifacts that have all been made publicly available (under open source licenses).
This research project has also fully or partially supported three Ph.D. students, all of whom have successfully completed their doctoral studies.
Last Modified: 12/30/2019
Modified by: Roger Dingledine
Please report errors in award information by writing to: awardsearch@nsf.gov.
